Daniel J. Bernstein

Daniel Julius Bernstein ( born October 29, 1971 in East Patchogue, Long Iceland, New York) is a German-American mathematician ( Algorithmic Number Theory ), a cryptologist, programmer and professor at the University of Illinois at Chicago.


Bernstein studied mathematics at New York University ( BA 1991) and his PhD in 1995 at Hendrik Lenstra at the University of California, Berkeley. From 1995 he was a Research Assistant Professor at the University of Illinois at Chicago, from 1998 assistant professor, associate professor in 2001 and professor from 2005 ( in the Faculty of Mathematics, Statistics and computer science and from 2003 at the same time as an adjunct professor in the faculty of computer science ). He has been a visiting professor at the Technical University of Denmark, Lyngby (2006), at the University of Sydney (2004) and visiting scientist at the Fields Institute in Toronto and at the MSRI ( Key Senior Scientist in algorithmic number theory, 2000).


1996 Bernstein worked with Eric Schenk SYN cookies in order to protect the server from damages caused by SYN flood denial of service.

In 2001 he attracted attention when he published Considerations ( Circuits for integer factorization - a proposal, 2001), whereby the then available computer hardware might be enough to three times to factor ( the number of digits after ) than previously assumed greater numbers. At that time, the bar was faktorisierbarer numbers numbers with about 512 bits; According to his arguments, that is, numbers with 1500 bits would be vulnerable, in contrast to the general notions of secure RSA keys that were based on published literature - the knowledge of the NSA and other intelligence agencies is of course unknown to the public. Bernstein's work but was criticized by other mathematicians.

In May 2005, Bernstein published an article about an unexpectedly simple timing attack on the Advanced Encryption Standard ( AES).

Bernstein is co-founder of PQCrypto, a conference on post- quantum cryptography.

Software releases

Bernstein ( known in the computer science circles with the symbol djb 's ) wrote a software library for the Fast Fourier Transform ( FFT), DJBFFT. He developed with AOL Atkin and implemented (in the form of the program PrimeGen ) also a quick Primzahlsieb ( sieve of Atkin ).

Since the 1990s, he developed and also implemented fast algorithms for the number field sieve and cryptography using elliptic curves.

He is also author of the following programs:

  • qmail - a mail transfer agent (for the Bernstein also the directory structure created Maildir )
  • djbdns - a collection of programs DNS ( name server, DNS cache, and client programs )
  • Daemontools - a collection of programs for starting and monitoring daemon processes
  • Public file - a blown Web security and performance FTP server and Web server without CGI support
  • ezmlm - a software for operating the mailing lists

The author and its software are very controversial, because on the one hand is the published software he of high quality; on the other hand, he is aware of existing standards of time ( for example, the location of files in the directory tree ), its software is not maintained by him ( he sees it as an error to ) and he assumes no expansion proposals. For a long time he released his software under licenses that were not recognized as free software, which is why many Linux distributions refused to accept this. However, he has declared almost all software in the public domain in November 2007, so this problem no longer exists.

Bernstein prices for Finder vulnerabilities advertised for some of its software projects. He paid in March 2009 1.000 U.S. dollars to Matthew Dempsky for finding a security hole in djbdns (see also # qmail security).

Bernstein has the hash algorithm CubeHash developed as a proposal for SHA -3, this made ​​it but not in the round of finalists. Furthermore, he is currently developing the DNSSEC alternative DNSCurve that uses the developed by him elliptic curve cryptosystem Curve25519. Also built on Curve25519 he is working on CurveCP, an alternative to TCP transport protocol that guarantees confidentiality and authenticity.

Bernstein, the benchmarking tool developed Supercop, which is testing a variety of cryptographic algorithms under realistic conditions. Together with Tanja Lange, he runs the website eBACS, an extensive collection of benchmark results of cryptographic algorithms. The eBACS results for hash functions are, according to NIST is an important criterion for the selection of SHA- third


Bernstein has a long fight against the American export restrictions on cryptography behind. He also criticized several well-known software patents (for example, by Whitfield Diffie and Martin Hellman on public-key cryptography), due to the U.S. patent law (after the publication of the patent items when applying for the patent no longer than may have passed one year).